Loading ...

Author: FarmhouseNetworking

Zero Trust – Trusted Vendors

This is the second in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the vendors you purchase network equipment from. 

Trusted Vendors

Trusted vendors are those who supply workstations, servers, routers, switches, power protection, software, and anything else connected to your network. Here are some questions that you should be asking yourself:

  • Do you know who makes your network equipment, servers, computers, and software?
  • Do you know the way to contact their support and have current account access information?
  • Do you have current warranties / support contracts on hardware and software?
  • Is the hardware able to perform at the level needed?
  • Are you purchasing software from those who meets industry standards?
  • If a subscription, how much are you paying and are you on the correct plan for your needs?
  • When is the last time you upgraded your software and hardware?
  • Have you budgeted for the next upgrade?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

Zero Trust – Physical Security

This is the first in a series about the concept of Zero Trust, which means in the IT sense that you trust nothing and always verify everything surrounding and connected to your network. Today’s discussion will be on the physical security surrounding your network. 
 

Physical Security

Physical security can include the locks on the doors, where things are placed, and how they are protected from the unpredictability of the environment. Here are some questions that you should be asking yourself:

  • Do you know where your network equipment is located?
  • Is the server / network in a separate area from where work is done?
  • Is this separate area behind a locked door?
  • Is the equipment in a locked rack or cabinet?
  • Is there a separate air conditioning zone for this area (servers like it cold)?
  • Is there a separate alarm zone for this equipment?
  • Who has the codes?
  • Is there a security camera watching this area (we don’t install these)?
  • How long is the recording for?
  • Who has access to the recordings?
  • Are computers located in areas where customers can physically touch them?
  • Are unused USB ports on the computer turned off or locked?
  • Are all systems protected by battery backup devices?
  • Are all systems off the floor in case of a flood?

Take time to think about these questions and decide where changes can be made to better protect your IT investments, or contact us to do the thinking for you.

US Takes Action Against Russian Cyber Threats

We caught wind of two separate actions the US has taken against Cyber Threats from Russia over the weekend:

Kaspersky

The first is news that the US Federal Communications Commission has added Russian cybersecurity company Kaspersky Lab to its list of entities that pose an “unacceptable risk to US national security,” according to a report from Bloomberg. This company has been banned from use by government agencies since 2017 when a bill was signed due to the companies ties to the Kremlin. 

Russian Hackers

The second article was a press release from the FBI stating that:

“The Department of Justice unsealed two indictments today charging four defendants, all Russian nationals who worked for the Russian government, with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted the global energy sector between 2012 and 2018. In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

This hacking activity should be another wake-up call to American businesses to harden their defenses and remain vigilant against cyber security threats. These people are nationally sponsored criminals and we must protect ourselves. 

If your company is currently using Kaspersky or any other Russian based vendors, then it is time to carefully consider whether to continue being connected with them and contact us for assistance migrating to a trusted source.

Hackers Penetrate 93% of Company Networks

Hacked - Grants Pass, OR

Security researchers performed penetration testing on the networks of 45 various mid-sized companies and found that in real life scenarios 93% of those networks were able to be compromised to the point of business disruption. Here are the details:

The Target

The 45 companies were polled to determine what would be an unacceptable business interruption. They decided that the following met that criteria:

  • Disruption of production processes
  • Disruption of service delivery processes
  • Compromise of the digital identity of top management
  • Theft of funds
  • Theft of sensitive information
  • Fraud against users

These became the target for the penetration testers. 


The Process

In order for the penetration tester to achieve their target, they followed the following process:

  • Breach the network perimeter – This was done by the use of compromised passwords found on the Dark Web and know vulnerabilities on devices that were directly connected to the internet
  • Obtain maximum privileges – In 100% of the networks, once an attacker was inside the network
  •  Gaining access to key systems – With maximum privileges, the testers are able to gain access to other areas of the network including databases, executives computers, and production servers
  • Develop attacks on target systems – Once key systems are compromised the testers then figured out how to create the unacceptable business interruption. Although they could have created these interruptions, they only gathered proof that they could to present the data to the companies. 


How to Defend 

There are a couple main ways to defend against these kinds of attacks:

  • Security Controls / Segmentation – Creating least privileged access to key systems and segmenting the network will keep hackers from traversing the network once inside
  • Enhanced Network Monitoring – Modern cyber security tools watch activity and traffic on the network to find indicators of compromise. They pool this information into an attack history that can be used to remediate and further protect. 


Your company is not as safe as you think, so contact us for free initial cybersecurity evaluation and risk report.  .

New Computer – Price Does Matter

desktop upgrades - Grants Pass, OR

Based on some recent experiences and plenty of past experiences, we thought it would be good to help customers make good choices when shopping for new computers. The easiest and best way is to trust us to do the research and know your company’s computing needs enough to provide you with the best computer for the best price. However there are some that like the thrill of the hunt and want to find the best “deal” themselves. They try to save money via sales that we honestly cannot compete with on price. This newsletter is meant to help guide them to the best options for solid performance and longevity in their investment. 

Shopping Guide

Big Box Stores (Staples, Walmart, Costco, Best Buy, etc.): Seeing the local adds, these retailers are often at the top of the list for many people when shopping for a computer. They offer the convenience of being able to physically touch the computer being purchased and not having to wait for the computer to be shipped from some other part of the country. The downside is that these retailers are selling a commodity product for the smallest cost possible to maximize their profits. This means they are willing to have computers made from the least expensive parts and lowest build quality. They also find ways of scrimping on important features and masking this deficiency with flashy claims on features or partnerships with celebrity endorsements. Don’t be fooled these are disposable computers that will not stand up to the demands of a business environment. 

Online Discount Sellers (eBay, Amazon, Google. Overstock, etc.): Bargain hunters are getting savvier with online tools and searches for the products they want. This type of “retailer” works much like the big box store, but you have to trust the pictures you see online and wait for the product to arrive from across the country or globe. These online stores are often just marketplaces where smaller retailers post their products to gain greater visibility then they could on their own. They are also notorious for selling what appear to be quality computers that have been “refurbished” in-house. These refurbished computers are usually years old and are a Frankenstein monster of spare used parts from their shop. Much like buying a car from a used car lot, you get all the troubles of someone else’s computer with all the reliability of a computer that is past its prime held together with old parts. 

What to look for in a new computer

Business Class: This is important because manufactures who have this distinction on their products take the time to make a quality computer with mid-range parts. These computers will have all the needed features and typically last much longer then the disposable computers from other stores. If you go directly to the manufacturers website, they will typically have a section labeled Business that you can look through the models they have given this distinction.  

Processors: This is the capacity of the computer to crunch through data. There are two main companies that make these chips, Intel and AMD. Intel is what I recommend for the majority of business users (except for those who only do light office work). They currently are using a system of Generations and i-series distinctions. The Generations help determine the age of the processor with the latest being 12th-generation processors, so if you are looking at a computer with a 9th-generation processor it is likely 3 years old out of the box. The i-series consists of i3, i5, i7, and i9 which is a measure of the raw computing power that the processor contains. Our recommendation for businesses are i5 for general office work and i7 if you are a power user who does many things at once. 

Memory: This is the short-term memory capacity of the computer, so the more you have the more you can accomplish at once. These chips also have designations of DDR technology and PC-speed rating. The DDR technology has slowly changed over time and they are now shipping DDR5 chips for top of the line gaming computers, but for typical office computers the DDR4 technology will be the best performance per dollar. As for the PC-speed rating, it will somewhat match the DDR number with the latest in the PC5-38400 range, but again the PC4 with the highest number possible next to it will be sufficient. General office work can be accomplished with 8GB of RAM, but 16GB is becoming the new norm. Those who want more performance will need to go to 32GB or higher.

Hard Drive: This is the long-term memory storage of the computer. There have been massive improvements in technology on these in the past few years and performance has jumped substantially. This is one of the ways that big box stores save money the most, they sell an old fashioned hard drive in a new computer and performance suffers greatly. The newest technology is called NVMe and any new computer should contain this kind of hard drive to see the best performance. If cost is prohibitive, then at least get the previous technology of an SSD installed in the computer. 

Everything Else: The rest is mostly personal taste. If you want wireless, then get one with wireless in it with the latest being WiFi6 and some include Bluetooth connections too. If you want a large screen, touchscreen, fingerprint scanner, lightweight, certain specific ports for your devices, or whatever other features – these will be the finishing touches that help shape your final choice. 

If your company is going to looking to buys new computer, then contact us to save yourself the time and money of getting a computer or worse the wrong computer.

Find and remove Office 365 Public Folder Calendar

Here is a quick bit of Powershell that helped me to track down a “shared calendar” in a Co-Managed IT / Tier3 client’s Office 365 tenant. After looking in Shared Mailboxes and Resources for the calendar with no luck, we tried to get into the Exchange Management Console (EMC). The loading circle of death went on for an eternity, so switched to good old Powershell. Found the commands as follows after connecting to Exchange Online in Powershell:

get-publicfolder -Recurse

Remove-PublicFolder -Identity \[PublicFolderName]\[calendarname]\

If your company is looking for local management of your Office 365 tenant or need advanced support for your IT team, then contact us to find out how much you can save with us. 

Microsoft to deactivate customer with no warning

We recently received this notice from Microsoft:

“Microsoft has observed a recent increase in spamming activity among some customers using Azure subscriptions obtained via their CSP partners. This activity is outside of what is permitted under the terms of use for Microsoft Azure services.

Examples of these violations of Microsoft’s acceptable use policy can include:

  • Spamming
  • Hacking
  • Distributed denial-of-service (DDoS) attacks
  • Cryptocurrency mining
  • Malware distribution
  • Resale of pirated subscriptions

In cases where Microsoft observes this type of activity, we may take action to deactivate customer subscriptions without prior notice.”

This is definitely the time to make sure that your company has the following safeguards in place:

  • Antivirus with Enhanced Detection & Response – to catch the bad guys on the internal network
  • Multi-factor Authentication on all online accounts – make the hackers job harder with more secure connections
  • Password Manager – to stop using the same password for all sites (changing on character is not enough)
  • Enhanced Email Security – to keep the bad guys from pretending to be your company and stop the spam before it gets out
  • SaaS Backups – to prevent deletion of emails, contacts, calendar items, and shared online storage 

Every company is entitled to a free security check-up, so contact us to schedule yours today. 

The 1:1 hierarchy of needs: Building the foundation for future educational technology success

Take an in-depth look at the 1:1 paradigm, a scenario in which schools are equipped to provide every student with a device to facilitate more connected and meaningful learning. Examine the detailed process of how today’s schools are moving toward a future where every student has equal educational opportunities.

View: The 1:1 hierarchy of needs: Building the foundation for future educational technology success

Reimagine the Flow of Work in the New Hybrid Work Reality

Flexibility is a must in the new post-pandemic work world. Hybrid work continues to evolve, and business leaders are looking for a new operating model. Technology is the binding factor to create inclusive meetings that keep employees engaged and inspired. Updates to Teams like PowerPoint Live, the Teams camera feed, Microsoft Whiteboard—and devices like Surface Hub—encourage digital collaboration.

Endpoint Manager combines services like Microsoft Intune, Configuration Manager, Desktop Analytics, co-management, and Windows Autopilot to help secure access, protect data, and respond and manage risk.

Sign up to say connected—we’ll help you better connect and create new experiences throughout your organization with Hybrid Meetings.

View: Reimagine the Flow of Work in the New Hybrid Work Reality

Categories

Plant a Seed 541-761-9549
233 Rogue River Hwy #873 Grants Pass, OR 97527
Mon-Fri: 9:00am-5:00pm
support@farmhousenetworking.com
© 2016-2022- Farmhouse Networking. All rights reserved
Terms and Conditions Privacy Policy

Evaluation Signup

    Something went wrong, try refreshing and submitting the form again.